This vulnerability could also be exploited by a remote, unauthenticated attacker through a CSRF vector, because the application is prone to Cross-Site Request Forgery (CSRF) attacks. To do so, the attacker must trick a logged-in administrator into visiting a web page containing a CSRF exploit:

<img src="http://[host]/symphony/system/authors/?order=asc&sort=id%20INTO%20OUTFILE%20%27/var/www/file.txt%27%20--%20">
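
For detection, a request of this shape leaves a recognisable trace in web server access logs. The following is an added example, not part of the original advisory: it flags requests to the authors page whose `sort` value is not a plain identifier or whose `order` value is not asc/desc, and notes when the Referer is not the site itself, which is consistent with CSRF delivery. The log lines, host names and finding labels are constructed assumptions.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample access-log lines (combined log format); hosts are placeholders.
SAMPLE_LOG = [
    '198.51.100.7 - - [01/Jan/2024:10:00:00 +0000] "GET /symphony/system/authors/?order=asc&sort=id HTTP/1.1" 200 5120 "http://cms.example/symphony/system/authors/" "Mozilla/5.0"',
    '198.51.100.7 - - [01/Jan/2024:10:05:00 +0000] "GET /symphony/system/authors/?order=asc&sort=id%20INTO%20OUTFILE%20%27/var/www/file.txt%27%20--%20 HTTP/1.1" 200 5120 "http://other.example/page.html" "Mozilla/5.0"',
    '198.51.100.9 - - [01/Jan/2024:10:06:00 +0000] "GET /symphony/system/authors/?order=down&sort=name HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
]

# Request line, status, size and Referer from a combined-format log entry.
LINE_RE = re.compile(r'"(?:GET|POST) (?P<target>\S+) HTTP/[\d.]+" \d{3} \S+ "(?P<referer>[^"]*)"')
# A sort value should be a bare column name, nothing else.
IDENT_RE = re.compile(r"[A-Za-z_][A-Za-z0-9_]*")
ADMIN_PATH = "/symphony/system/authors/"  # path taken from the advisory


def inspect(line, site_host):
    """Return a list of findings for one log line (empty list = nothing to report)."""
    m = LINE_RE.search(line)
    if not m:
        return []
    url = urlsplit(m.group("target"))
    if url.path != ADMIN_PATH:
        return []
    # parse_qs percent-decodes values, so %20 and %27 are seen as space and quote.
    params = parse_qs(url.query, keep_blank_values=True)
    findings = []
    for value in params.get("sort", []):
        if not IDENT_RE.fullmatch(value):
            findings.append("sort-not-identifier")
    for value in params.get("order", []):
        if value.lower() not in ("asc", "desc"):
            findings.append("order-not-asc-desc")
    # A missing or foreign Referer on a suspicious admin request fits CSRF delivery.
    ref_host = urlsplit(m.group("referer")).hostname
    if findings and ref_host != site_host:
        findings.append("referer-not-same-site")
    return findings


def scan(lines, site_host):
    """Return (line index, findings) for every line that produced findings."""
    return [(i, f) for i, line in enumerate(lines) if (f := inspect(line, site_host))]


if __name__ == "__main__":
    for index, findings in scan(SAMPLE_LOG, "cms.example"):
        print(index, findings)
```

The Referer check is only a supporting signal, since browsers and privacy settings can strip the header; the malformed `sort` or `order` value is the primary indicator.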